[CDBUG-talk] blackhole time-warner

Dave Del Debbio ddeldebb at gmail.com
Tue Jul 22 14:50:38 EDT 2008

Does else want to do this?  Time Warner has a dhcp server at serving my dynamic ip connection.  I don't have a route to
10/8 in the routing table, yet I keep getting icmp echo requests
from the dhcp server and one other machine on the 10/8 subnet on my

To prevent direct queries, reverse queries, and kill syslog "no route to
host" messages I did the following:

route -q add -inet localhost -blackhole to /etc/rc

edited named.conf and added following:

acl rr {; };

options {
           blackhole { rr; };

and have a (advice from ISC website)

zone "10.in-addr.arpa"{
	type master;
	file "master/empty";

which has:
  ; $OpenBSD: empty,v 0.1 2008/07/21 21:20:25 ddeldebb Exp $

  $ORIGIN 10.in-addr.arpa.
  $TTL 6h

  @	IN	SOA	fw.home.deldebbio.org. root.home.deldebbio.org. (
  			1	; serial
  			1h	; refresh
  			30m	; retry
  			7d	; expiration
  			1h )	; minimum

  		NS	blackhole-1.iana.org.
                 NS      blackhole-2.iana.org.

Is this overkill?  Is there a better way to handle RFC 1918 packets from 
Time Warner?


More information about the CDBUG-talk mailing list